7661 matches found
Malicious Package
Overview @smt-front/analytics is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
WordPress Slimstat Analytics plugin <= 5.3.2 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by mcdruid in WordPress Plugin Slimstat Analytics versions = 5.3.2...
CVE-2025-14609
The Wise Analytics plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.1.9. This is due to missing capability checks on the REST API endpoint '/wise-analytics/v1/report'. This makes it possible for unauthenticated attackers to access sensitive...
CVE-2025-14609
The Wise Analytics plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.1.9. This is due to missing capability checks on the REST API endpoint '/wise-analytics/v1/report'. This makes it possible for unauthenticated attackers to access sensitive...
CVE-2025-14609 Wise Analytics <= 1.1.9 - Missing Authorization to Unauthenticated Arbitrary Analytics Database Disclosure via 'name' Parameter
The Wise Analytics plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.1.9. This is due to missing capability checks on the REST API endpoint '/wise-analytics/v1/report'. This makes it possible for unauthenticated attackers to access sensitive...
CVE-2025-14609 Wise Analytics <= 1.1.9 - Missing Authorization to Unauthenticated Arbitrary Analytics Database Disclosure via 'name' Parameter
The Wise Analytics plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.1.9. This is due to missing capability checks on the REST API endpoint '/wise-analytics/v1/report'. This makes it possible for unauthenticated attackers to access sensitive...
CVE-2025-14609
Consolidated: CVE-2025-14609 affects the Wise Analytics WordPress plugin (versions
WordPress Wise Analytics plugin <= 1.1.9 - Missing Authorization to Unauthenticated Arbitrary Analytics Database Disclosure via 'name' Parameter vulnerability
Missing Authorization to Unauthenticated Arbitrary Analytics Database Disclosure via 'name' Parameter vulnerability discovered by Lior Yeshayahu in WordPress Plugin Wise Analytics versions = 1.1.9...
WordPress plugin Wise Analytics has a security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-4568
The Wise Analytics plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.1.9. This is due to missing capability checks on the REST API endpoint '/wise-analytics/v1/report'. This makes it possible for unauthenticated attackers to access sensitive...
Oracle Business Intelligence Enterprise Edition (OAS 8.2) (January 2026 CPU)
The version of Oracle Business Intelligence Enterprise Edition OAS 8.2.0.0 installed on the remote host is affected by multiple vulnerabilities as referenced in the January 2026 CPU advisory, including the following: - Vulnerability in the Oracle Business Intelligence Enterprise Edition product o...
Oracle Business Intelligence Enterprise Edition (OAS 7.6) (January 2026 CPU)
The version of Oracle Business Intelligence Enterprise Edition OAS 7.6.0.0 installed on the remote host is affected by multiple vulnerabilities as referenced in the January 2026 CPU advisory, including the following: - Vulnerability in the Oracle Business Intelligence Enterprise Edition product o...
Oracle Business Intelligence Enterprise Edition (12.2.1.4) (January 2026 CPU)
The version of Oracle Business Intelligence Enterprise Edition 12.2.1.4 installed on the remote host is affected by multiple vulnerabilities as referenced in the January 2026 CPU advisory. - Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics component...
CVE-2026-21976
Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics component: Oracle Analytics Cloud. Supported versions that are affected are 7.6.0.0.0 and 8.2.0.0.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure...
CVE-2026-0554
The NotificationX plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'regenerate' and 'reset' REST API endpoints in all versions up to, and including, 3.1.11. This makes it possible for authenticated attackers, with Contributor-level...
EUVD-2026-3763
Malicious code in genki-analytics npm...
Malicious Package
Overview genki-analytics is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in genki-analytics (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e636da349bfd5c22a704e2651968ebd55878349304e3f3d69904853a440aa407 The package genki-analytics was found to contain malicious code. Source: ghsa-malware 791197b134fc48f105a6db2a597a13ea389bd70b75daa689a891a96ba1d251e...
MAL-2026-389 Malicious code in genki-analytics (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e636da349bfd5c22a704e2651968ebd55878349304e3f3d69904853a440aa407 The package genki-analytics was found to contain malicious code. Source: ghsa-malware 791197b134fc48f105a6db2a597a13ea389bd70b75daa689a891a96ba1d251e...
EUVD-2026-3536
Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics component: Oracle Analytics Cloud. Supported versions that are affected are 7.6.0.0.0 and 8.2.0.0.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure...